fix: fix security vulnerabilities reported by CodeQL (#5467)

Dean Sheather
2022-12-20 05:25:59 +10:00
committed by GitHub
parent e359f3cd23
commit 1bc4eb5329
8 changed files with 42 additions and 22 deletions


@ -45,13 +45,13 @@ var scope = map[codersdk.GitProvider][]string{
codersdk.GitProviderGitHub: {"repo", "workflow"},
}
// regex provides defaults for each Git provider to
// match their SaaS host URL. This is configurable by each provider.
// regex provides defaults for each Git provider to match their SaaS host URL.
// This is configurable by each provider.
var regex = map[codersdk.GitProvider]*regexp.Regexp{
codersdk.GitProviderAzureDevops: regexp.MustCompile(`dev\.azure\.com`),
codersdk.GitProviderBitBucket: regexp.MustCompile(`bitbucket\.org`),
codersdk.GitProviderGitLab: regexp.MustCompile(`gitlab\.com`),
codersdk.GitProviderGitHub: regexp.MustCompile(`github\.com`),
codersdk.GitProviderAzureDevops: regexp.MustCompile(`^(https?://)?dev\.azure\.com(/.*)?$`),
codersdk.GitProviderBitBucket: regexp.MustCompile(`^(https?://)?bitbucket\.org(/.*)?$`),
codersdk.GitProviderGitLab: regexp.MustCompile(`^(https?://)?gitlab\.com(/.*)?$`),
codersdk.GitProviderGitHub: regexp.MustCompile(`^(https?://)?github\.com(/.*)?$`),
}
// newJWTOAuthConfig creates a new OAuth2 config that uses a custom
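Review bot: The four anchored defaults in the `regex` map now accept only a bare host or an `http(s)://` URL, so inputs the old substring patterns matched no longer do. Examples are scp-style `git@github.com:org/repo.git`, `ssh://` URLs, a host with an explicit port, and a mixed-case hostname. The call site is outside this hunk, so confirm which of these forms actually reach the match. I would spell out the accepted shape in the comment, e.g. `// Defaults are fully anchored: optional http(s):// scheme, exact host, optional /path.` The comment also says each provider can override the pattern; an operator-supplied regex without `^` and `$` would bring back the partial-host match this commit removes, so config validation or docs should require anchoring. A table test of accepted and rejected URLs per provider would pin this down.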